Smartphone Pentest Framework (DARPA Cyber Fast Track) is an open source security tool, designed to aid in assessing the security posture of smartphones in an environment. Smartphone Penetration Framework will look at the functionality of the framework including information gathering, remote attacks, client side attacks, social engineering, and post exploitation through both a traditional IP network and the mobile modem, showing how this framework can be leveraged by security teams and penetration testers to gain an understanding of the security posture of the smartphones in an organization.Smartphone Penetration Testing Framework will also show how to use the framework through a command line console, a graphical user interface, and a smartphone based app. The console is a text based Perl program that allows Smartphone Pentest Framework (SPF) users to perform all the server functionality.

- SPF Web based GUI: The GUI is a web based front end for SPF that allows users to perform all the server functionality. It is a set of Perl based webpages.- SPF Android App: The SPF Android App allows users to use the mobile modem of the Android smartphone with SPF to send SMS messages, gather information, etc. Users can also perform server functionality directly from Android smartphones using this application.- SPF Android Agent: The SPF Android Agent is one of Smartphone Pentest Framework post exploitation options. It is transparent to the user and allows SPF users to perform post exploitation tasks such as privilege escalation, information gathering, and remote control on Android phones with the agent installed. Agents for iPhone and Blackberry platforms are currently in development.Smartphone Pentest Framework Video Tutorial

Android network spoofer is a powerful network spoofer wifi that lets you spoof people on your network. Network Spoofer lets you change websites on other people’s computers from an Android phone. After downloading simply log onto a wifi network, choose a spoof to use and press start.Android network spoofer wifi features :
Adblock - block all advertisements
All sites - redirect all traffic to kittenwar.com
All sites - redirect all traffic to a URL of your choice
Blur Images - Blurs all the images on a webpage
Custom Google Search Change - Change the text in Google Searches
Custom YouTube video - Change all videos on YouTube to a custom video
Custom Image Change (image on phone) - replace all images on websites with an image stored on your phone
Custom Image Change (image on web) - replace all images on websites with an image stored on the internet
Flip Images - Flip all images upside down on webpages
Redirect Traffic Through Phone - ARP poison the router to direct all traffic through your device
Rickroll - replace YouTube videos with a rickroll
Text Change - change all text on websites
Trollface - replace all images with a trollface imageAndroid network spoofer wifi attack :
- Arp poison the router. This leverages the root capabilities of a rooted android operating system to perform a Man in the Middle attack against all the hosts on the network. Because it attacks the arp cache of the router, you will be able to MITM both wired and wireless hosts on the same network from a single wireless connection. This also requires that you have already obtained an IP Address from the victim network which means Wifi Encryption will not prevent this attack if the attacker already knows the encryption key.
- Choose the attack you would like to execute.
- Execute the attack.Preventing android network spoofer wifi attack :
This attack will be successful on all networks where a user can connect to the network (they must have the encryption key if encryption is in use) and can successfully ARP poison the router. To prevent this type of attack, use wifi encryption and keep untrusted hosts off of your network.
Confirmed Working:
* Google Nexus One
* T-Mobile G-1
* LG Optimus 2x
* Huawei u8150d
* HTC Hero
* Droid Bionic
* Samsung Galaxy S
* Samsung Galaxy S II
* Samsung Galaxy Nexus
* Samsung Infuse 4g
* HTC Amaze (ruby)
Confirmed NOT Working (at the moment):
* Droid / Droid 2 / Droid X
* Motorola Atrix
* Yarvik E-glide
The 'Droid' issue also affects the Motorola Defy and possibly other devices. All these devices fail at the same point.
** Please note that there is no intention for Network Spoofer to include any malicious features. This application is a fun demonstration of how vulnerable home networks are to simple attacks, with permission of the network owner. DO NOT attempt to use Network Spoofer on any corporate or other non-residential networks (eg. at school, university). It becomes very obvious when Network Spoofer is being used on a Network, and use of Network Spoofer will be considered malicious hacking by network administrators. You have been warned. **Download Android Network Spoofer Wifi Attack

Mercury is a framework for exploring the Android platform to find vulnerability and share proof-of-concept exploits. Mercury allows you to assume the role of a low-privileged Android app, and to interact with both other apps and the system. Use dynamic analysis on Android applications and devices for quicker vulnerability assessments. Share publicly known methods of exploitation on Android and proof-of-concept exploits for applications and devices. Write custom tests and exploits, using the easy extensions interface. Mercury does all of this over the network: it does not require ADB.Mercury framework android vulnerability assessment features :- Interact with the 4 IPC endpoints : activities, broadcast receivers, content providers and services.- Use a proper shell that allows you to play with the underlying linux OS from the point of view of an unprivileged application (you will be amazed at how much you can still see).- Find information on installed packages with optional search filters to allow for better control.- Built-in commands that can check application attack vectors on installed applications.- Transfer files between the Android device and your computer.- Create new modules to exploit your latest finding on Android, and playing with those that others have found.Download Mercury Framework Android Vulnerability Assessment

WPScan is android vulnerability WordPress security scanner tool written in java which attempts to find known security weaknesses within WordPress installations. Its intended use it to be for security professionals or WordPress administrators to asses the security posture of their WordPress installations. So WPScan for Android is dedicated as a android penetration testing tool and security vulnerability scanner in the WordPress blogging platform, developed by Alessio Dalla Piazza.
WPScan android vulnerability WordPress security scanner tool features :
- Analysis of WordPress
- Identification of vulnerability (based on the version of WP)
- Enumeration of users
- Recognition of installed plugins (html + analiycs brute force)
- Recognition of the included themes (html + analytics brute force)
- Finding the TimThumb 0day.
[+] Rembember! This is a hacking tool for only test your blog if u have perrmission. And remember again! It is absolutely illegal a violation of federal law to access any computer system in the United States or other without authorization. It’s considered fraud.Download WPScan android vulnerability WordPress security scanner tool